<?php
    include 'database.php';
    header("Content-type: text/html; charset=utf-8");
    function user_and_password($user_name, $pword)
    {
        $db_connect = database_connect();
        $stmt = $db_connect->prepare("select * from `bloger` where `name`=?");
        $stmt->bindParam(1,$user_name);
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return false;
        }elseif ($row['password']!=$pword){
            return false;
        }else{
            return true;
        }
    }

    session_start();
    $user_name = $_POST['user_name'];
    $user_pword = $_POST['user_pword'];

    if (empty($user_name)) {
        echo "<script>alert('请输入用户名');history.back();</script>";
    }elseif (empty($user_pword)) {
        echo "<script>alert('请输入密码');history.back();</script>";
    }
    $if_login = user_and_password($user_name, $user_pword);
    if (!$if_login){
        echo "<script>alert('用户名或密码错误，请重新输入');history.back();</script>";
    }else{

        $_SESSION['user_name'] = $user_name;
        setcookie('login_time',date('Y-m-d H:i:s'),time()+3600*24);
        $_COOKIE['user_name'] = $user_name;
        header("location:home.php");
    }
?>